[phplib-dev] patch's to session.inc, auth.inc From: Jeff Schmidt (jschmid <email protected>)
Date: 05/09/00

Hello,
   Here are a couple of patch's (against 7.2b) for you to consider. The main
intent of the patches is to get phplib to deal gracefully with GET variables.

A couple of notes about the changes I made:
   auth->login_if() now takes a string which acts as the name of the flag
variable that will be set instead of being passed a boolean value. It then
checks to see if that variable is set in the global context, and if so, logs
in. Additionally, it forces QUERY_STRING to be propagated, after stripping the
flag variable.

   session->start() now copies the query_string to a different global variable
(so that login_if() can restore it if need be) and then sets it to be empty.

   Lastly, I added a variable to session and an ereg_replace inside self_url().
These changes you can ignore if you like. The purpose of that change was that I
was using phplib with Roxen Challenger with the redirect module and cgi php,
which caused self_url to return the string "/cgi-bin/php.cgi/path/to/script" and
I needed the "/cgi-bin/php.cgi" part stripped out. You may want to consider
leaving that in for others who have similar problems (I know I saw at least one
message detailing a similar problem on the user list recently).

Please let me know what you think of the patch. If it breaks rules of good
design (perhaps because it maybe relies too much on global variables, or some
such thing) please let me know so I can try to find a better solution.

Thanks
Jeff Schmidt 

--
"Message sent by jschmid <email protected>"

--- /home/jps/phplib-7.2b/php/auth.inc Thu Mar 23 06:28:51 2000 +++ ./auth.inc Tue May 9 02:17:32 2000 @@ -199,7 +199,12 @@ } function login_if( $t ) { - if ( $t ) { + global $$t, $QUERY_STRING_COPY, $QUERY_STRING; + + if (isset($$t)) { + $QUERY_STRING = ereg_replace( "(^|&)" . $t ."=" . $$t . "(&|$)", + "\\1", $QUERY_STRING_COPY); + $this->unauth(); # We have to relogin, so clear current auth info $this->nobody = false; # We are forcing login, so default auth is # disabled

--- /home/jps/phplib-7.2b/php/session.inc Thu Mar 23 06:28:51 2000 +++ ./session.inc Tue May 9 02:21:23 2000 @@ -15,6 +15,10 @@ ## Define the parameters of your session by either overwriting ## these values or by subclassing session (recommended). + var $cgi_prefix = ""; ## If your webserver is adding extra + ## to the script path, put that extra + ##stuff here. + var $magic = ""; ## Some string you should change. var $mode = "cookie"; ## We propagate session IDs with cookies var $fallback_mode; ## If this doesn't work, fall back... @@ -201,8 +205,11 @@ function self_url() { global $PHP_SELF, $QUERY_STRING; - return $this->url($PHP_SELF. + $self_url = $this->url($PHP_SELF. ((isset($QUERY_STRING) && ("" != $QUERY_STRING)) ? "?".$QUERY_STRING : "")); + + $self_url = ereg_replace($this->cgi_prefix, "", $self_url); + return $self_url; } function pself_url() { @@ -383,7 +390,7 @@ $this->name = $this->cookiename==""?$this->classname:$this->cookiename; } - function release_token(){ + function release_token($sid){ global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $HTTP_HOST, $HTTPS; if ( isset($this->fallback_mode) && ( "get" == $this->fallback_mode ) @@ -467,9 +474,15 @@ ## function start($sid = "") { + global $QUERY_STRING, $QUERY_STRING_COPY; + $this->set_container(); $this->set_tokenname(); $this->release_token($sid); + + $QUERY_STRING_COPY = $QUERY_STRING; + $QUERY_STRING = ""; + $this->put_headers(); $this->get_id($sid); $this->thaw();

--------------------------------------------------------------------- To unsubscribe, e-mail: phplib-dev-unsubscribe <email protected> For additional commands, e-mail: phplib-dev-help <email protected>